Transforming a legacy IT infrastructure into an on-demand operating environment

ABSTRACT

A transformation engine for transforming a legacy IT infrastructure into an on-demand IT infrastructure in a financial services enterprise, the transformation engine comprising: a determiner component for determining a current status of the legacy IT infrastructure; a comparator component for comparing the determined current status to an idealised set of outcome parameters to determine a set of deviation parameters; and the determiner component determining at least one control point within the set of deviation parameters which require enterprise wide governance.

FIELD OF THE INVENTION

The invention relates to the field of architectural modelling methodsand tools. In particular the invention relates to a transformationengine for transforming a legacy information technology (IT)infrastructure into an on-demand operating environment.

BACKGROUND OF THE INVENTION

In the last few years an economic downturn has created a major focus oncost cutting and efficiency initiatives across many types of industries.One of the greatest impacts of the economic downturn, in the years 2002to 2003, has been seen within the financial services sector which hasseen an increase in governmental regulation and a demand for greatertransparency in financial reporting, accounting and risk management.

In response to cost cutting Chief Information Officers (CIO's) havesought to simplify and consolidate their financial servicesinfrastructure. This has been achieved by replacing current ITinfrastructure with new products and services and/or findingopportunities for out-sourcing and off-shoring their service andinfrastructure support. Whilst this approach may have delivered shortterm benefits, the technical infrastructure which is left under thefinancial enterprises control is ill-equipped to meet the demands ofindustry growth. To meet these demands requires the financialenterprises to respond more rapidly to new market opportunities,economic changes and competitive threats. The complexity of ITinfrastructure and applications which support the financial enterprisesoften inhibit the ability to respond rapidly while containing cost andto deliver greater transparency.

Previous industry growth was achieved by rapid geographic expansion andmergers, both of which have left a legacy of increased complexity at abusiness level, an application level and a technical level. With a fewnotable exceptions, what has emerged is a significant duplication andredundancy at each of the above levels. This additional complexity hasmade it increasingly difficult to achieve many of the goals of costcutting and the delivery of transparency mandated by many regulatoryrequirements. Thus many financial service enterprises are left withtrying to achieve organic growth and to operate an efficient and securebusiness on what has become a chaotic development and operationalinfrastructure. For example, it is not unusual for the averageutilisation of servers in a server farm to be between five percent andfifteen percent level of utilisation. This is a result of the serversbeing dedicated to particular applications, rather than providing a setof services that may be shared across multiple applications.

The IT and application infrastructure is slowly becoming no longer fitfor the purpose that the business is beginning to demand for it. Therate of technology change is increasing and along with it there is anincrease in the speed of take up of new technology. This is contributingto an unwieldy IT infrastructure and is not attuned to rapid change atthe technology level or at the application level. In fact, somefinancial enterprises can now take longer to deploy a new softwareproduct release than the maintenance lifecycle of the product itself,leading to increased operational risk. Further, it can also take longerto develop and deploy a new financial product than the time the windowof opportunity for that product remains open.

It has now become apparent that current technology models can no lonersustain the increasing rate and pace of change that is demanded of themby the business. Hence there is a need within the art for a newtechnology model that is able to reach higher levels of utilisation andapplication sharing, and to rapidly absorb a number of changingtechnical and business factors and parameters and thus evolve with theever changing business environment.

SUMMARY OF THE INVENTION

Viewed from a first aspect the present invention provides atransformation engine for transforming a legacy IT infrastructure intoan on-demand IT infrastructure in a financial services enterprise, thetransformation engine comprising: a determiner component for determininga current status of the legacy IT infrastructure; a comparator componentfor comparing the determined current status to an idealised set ofoutcome parameters to determine a set of deviation parameters; and thedeterminer component determining at least one control point within theset of deviation parameters which require enterprise wide governance.

The invention advantageously provides a transformation engine, a methodand an architectural model for transformation a legacy IT infrastructureinto an on-demand operating model. The invention allows enterprises toconcentrate on the technical aspect of their IT infrastructure thatrequire change in order to successfully transform the legacy ITinfrastructure. A number of control points are identified that providethis focus. The control points provide an architectural blue print foran on-demand environment detailing the architecture that is required.

Preferably the present invention provides a transformation engine formonitoring the level of adoption of the at least one control point inthe on-demand operating infrastructure.

Preferably the present invention provides a transformation enginewherein the determiner component further comprises a parsing componentfor parsing a set of input data and for categorising the input data intoenterprise domains in order to apply a rule set specific to each of theenterprise domains.

Preferably the present invention provides a transformation enginewherein the rule set determines the current status of the ITinfrastructure for each enterprise domain.

Preferably the present invention provides a transformation enginewherein each control point indicates what IT infrastructure capabilityis critical to achieving an on-demand infrastructure.

Preferably the present invention provides a transformation enginewherein the IT infrastructure capability is comprised of user ITinfrastructure, process IT infrastructure, development ITinfrastructure, information IT infrastructure and management ITinfrastructure.

Preferably the present invention provides a transformation enginewherein a control point further comprises sub control points.

Preferably the present invention provides a transformation enginewherein each control point details a set of operations to be performed.

Preferably the present invention provides a transformation enginefurther comprising a storing component for building an enterprisespecific taxonomy categorised by enterprise domains.

Preferably the present invention provides a transformation enginewherein the control points provide an architectural model for anon-demand operating environment.

Viewed from a second aspect the present invention provides a method fortransforming a legacy IT infrastructure into an on-demand ITinfrastructure, the method comprising: determining a current status ofthe legacy infrastructure; comparing the determined current status to anidealised set of outcome parameters to determine a set of deviationparameters; and determining at least one control point within the set ofdeviation parameters which require enterprise wide governance.

Viewed from a third aspect the present invention provides a computerprogram product loadable into the internal memory of a digital computer,comprising software code portions for performing, when said product isrun on a computer, to carry out the invention as described above.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the invention are described below in detail, by way ofexample only, with reference to the accompanying drawings in which:

FIG. 1 is a schematic block diagram showing a computer system inaccordance with an illustrative embodiment of the present invention;

FIG. 2 is a schematic block diagram showing the components of thetransformation engine in accordance with an illustrative embodiment ofthe present invention;

FIG. 3 shows the enterprise domains in accordance with an illustrativeembodiment of the present invention;

FIG. 4 shows a block diagram of the control points of the enterpriseuser domain in accordance with an illustrative embodiment of the presentinvention;

FIG. 5 shows a block diagram of the control points of the enterpriseprocess domain in accordance with an illustrative embodiment of thepresent invention;

FIG. 6 shows a block diagram of the control points of the enterpriseinformation domain in accordance with an illustrative embodiment of thepresent invention;

FIG. 7 shows a block diagram of the control points of enterprisedevelopment domain in accordance with an illustrative embodiment of thepresent invention;

FIG. 8 shows a block diagram of the control points of the enterpriseinfrastructure management domain in accordance with an illustrativeembodiment of the present invention; and

FIG. 9 shows a flow chart detailing the operational steps of thetransformation engine in accordance with an illustrative embodiment ofthe invention.

DETAILED DESCRIPTION OF THE INVENTION

Referring to FIG. 1, a computer system 100 is shown in which anillustrative embodiment of the present invention may be implemented. Acomputer system 100 has a central processing unit 101 with primarystorage in the form of memory 102 (RAM and ROM). The memory 102 storesprogram information and data acted on or created by the programs. Theprogram information comprises the operating system code for the computersystem 100 and application code for applications running on the computersystem 100. Secondary storage comprises optical disk storage 103 andmagnetic disk storage 104. Data and program information can also bestored and accessed from the secondary storage.

The computer system 100 comprises a network connection means 105 forinterfacing the computer system 100 to a network such as a local areanetwork (LAN) or the Internet. The computer system 100 may also haveother external source communication means such as a fax modem ortelephone connection.

The central processing unit 101 comprises inputs in the form of, asexamples, a keyboard 106, a mouse 107, voice input 108, and a scanner109 for inputting text, images, graphics or the like. Outputs from thecentral processing unit 100 may include a display means 110, a printer111, sound output 112, video output 113, etc.

In a distributed system, a computer system 100 as shown in FIG. 1 may beconnected via a network connection 105 to a server on which applicationsmay be run remotely from the central processing unit 101 which is thenreferred to as a client system. The server may also provide secondarystorage of data which is accessible to the processing unit.

Applications may run on the computer systems 100 from a storage means orvia a network connection which may include spread sheet applications,database applications and other storage and retrieval mechanisms.

FIG. 2 shows the components of an illustrative embodiment of the presentinvention. The present invention provides an enhancement to currentmethodology and modelling tools in the form of a transformation engine200 suitable for the financial services sector, but equally thetransformation engine 200 may be used in any environment when anon-demand IT operating model needs to be adopted. The transformationengine 200 identifies the critical technical control points within theIT infrastructure that require enterprise wide governance from the partsof the IT infrastructure that do not. For example, when rendering a userinterface, printers are not a control point while portal services areetc. Further the transformation engine 200 also identifies specificindustry needs which are not generic to most industries, for exampleexternal gateway services and financial networks are characteristicallydifferent than typical B2B gateways and hence require differenttreatment.

The transformation engine 200 may be installed on the computer system100 as a stand-alone application or as an add-on to existing modellingtools. The transformation engine 200 comprises a number of componentsthat operate and interface with each other in order to analyse inputdata and to determine, via a set of control points, which aspects of theenterprise's IT infrastructure need to be modified, replaced or updatedto achieve enterprise wide governance. In order to achieve this thetransformation engine 200 comprises a number of sub-components namely:an input component 205 for receiving input from an external source; astorage component 210 for storing the input data, an idealised set ofinput parameters 235 representing the optimum on-demand operatingenvironment for a specific enterprise and the enterprise domains 230 andtheir control points 250; a change extraction component 215 fordetermining the current status of the enterprise's IT infrastructure,comparing the idealised parameters to the current status to determineany deviations within the transformation process and to map thedeviations to the control points to determine which deviations requireenterprise wide governance; and an output component 220 for outputting alist of control points that require attention.

The input component 205 provides a graphical user interface forinputting data into data input fields. Input data may be received viamanual input of the data by a user or via a data feed from an externalsource. The data input fields are categorised into enterprise domains.For example, an enterprise user domain, an enterprise process domain, anenterprise information domain, an enterprise development domain and anenterprise infrastructure management domain. For each enterprise domaina series of questions are displayed by the input component 205. Eachquestion relates to an area of the enterprise that requires enterprisewide governance in order to build an on-demand environment. For example,a question in the enterprise user domain may be concerned with whetherthe enterprise has any web client installed and what hardware andsoftware the web client has installed. Equally, a question in theenterprise process domain may ask for data concerning business processservices etc. The input component 205 on receiving the input datatransmits the input data to the storage component 210.

The storage component 210 interfaces with a storage medium 103, 104 forthe storing of data. The storage component 210 stores the input datareceived from the input component 205, a set of control points 250 and aset of idealised parameters 235. The set of idealised parameters 235 areenterprise and domain specific, i.e. one set of idealised parameters 235for the insurance industry and another set of idealised parameters 235for the banking industry etc. The different sets of idealised parameters235 reflect the different technical needs of various industries' etc.The storage component 210 also stores the current status of theenterprise's IT infrastructure when received from the change extractioncomponent 215. The storage component 210 also stores a set of controlpoints 250. Each control point 250 is associated with an enterprisedomain 230. Each control point 250 signifies an area of importancewithin each of the enterprise domains 230. A control point 250 acts as acheckpoint within the transformation process. Each control point 250details what IT infrastructure capability is critical to achieving anon-demand infrastructure and hence should be planned to be in operationwithin the enterprise or should already be in operation within theenterprise. As the transformation engine 200 processes the various setsof data, the storage component 210 builds an enterprise specifictaxonomy providing ease of access to the data.

The change extraction component 215 comprises a rules engine 240 and aset of rules 245. The rules engine 240 parses the set of rules 245 inorder to determine the current status of the enterprises ITinfrastructure and any deviation parameters between the current statusand the idealised parameters. If any deviations are detected, the rulesengine 240 maps the deviations to the control points 250 to determinewhich deviations require attention in order to complete thetransformation process.

Rules 245 may also be applied to the input data to determine the levelof adoption of an on-demand operating environment as an enterpriseprogresses through the transformation process.

The output component 220 displays the output from the rules engine 240.The output may comprise a report detailing the areas of the enterprise'sIT infrastructure which require attention and a progress reportdetailing the transformation progress to date. Alternatively, the outputcomponent 220 interfaces with a query tool for building different typesof reports.

As previously explained the rules engine 240 requests from the storagecomponent 210 a number of input parameters, namely, the current statusof the IT infrastructure, the idealised parameters 235 and the controlpoints 250. The control points 250 are instrumental in determining whichareas of an IT infrastructure require enterprise wide governance inorder to achieve an on-demand infrastructure. Each control point 250provides instruction as to what level of implementation is required. Acontrol point 250 may have a sub control point. Each of the controlpoints 250 and their associated enterprise domain 230 combine to form anarchitectural model for building an on-demand operating environment. Thecontrol points 250 and enterprise domains 230 act as a map as to whattechnical elements need to be in place in order to transform a legacy ITinfrastructure into an on-demand operating environment. Thearchitectural model which underpins the transformation engine 200 willnow be explained.

Referring to FIG. 4, the enterprise domains 230 are shown. The datastore comprises five enterprise domains 230, namely, an enterprise userdomain 300, an enterprise process domain 305, an enterprise informationdomain 310, an enterprise development domain 315 and an enterpriseinfrastructure management domain 320. Each of these enterprise domains230 can be populated with input data independently (from the inputcomponent 205) but interact with each other to provide a map for thecurrent state of an enterprise's legacy infrastructure.

Each enterprise domain 230 is concerned with a discrete technical areaof the enterprise's IT infrastructure. For example, the enterprise userdomain 300 is concerned with identifying and modelling the necessaryaccess points with regards to IT systems, the user computing facilitiesthat need to be shared, and determining that access can be gained tothese systems when access is required, by the appropriate people and atthe requested time.

FIG. 4 shows the control points 250 of the enterprise user domain 300 infurther detail. The enterprise user domain 300 is classified into anumber of control points, namely portal services 410, collaborationservices 415, pervasive access services 420 and user access services425, which are considered key control points. For each enterprise theabove control points are identified and the technology that is currentlyimplementing each of the control points 410, 415, 420, 425 is stored inthe data store 103, 104. It is important to understand that mostenterprises are not starting with ‘nothing’ but in fact have a rich anddiverse set of technologies that are already implemented thus it isimportant to identify what technology is already implemented, whattechnology is required to fill a function and what is alreadyimplemented that is not required.

A portal service 410 is considered as a control point because portalservices provide the means of bringing together content from a widerange of sources to the user's desktop. The access to content isprovided by portlets and allows user to personalise their user settingsand indicate which portlet page's the user would like displayed in theirportal view.

Collaboration services 415 are another control point. Collaborationservices comprise components needed to enable the user to shareinformation with other users. Examples of these services include email,real-time chat and shared folders or repositories. Pervasive accessservices 420 allow a wide range of pervasive devices to access theenterprise systems in such a way that the business application candevelop awareness of the location of user, and user access services 425provide the facilities to control access to the systems, applications,information and also the management services of the supportinginfrastructure.

Further control points describe the entry points for users to access thesystem. For example, in order to access a portal service a user mayaccess the portal service via a server managed client 430. A servermanaged client 430 is the primary interface between the user and thesystems and services the user may access. The rapid change in clienttechnologies and the growth in volume of client devices together make itessential to ensure that these devices can be managed centrally by aserver. The capability of client devices to be consistently servermanaged is therefore a control point in the IT infrastructure.

There are two types of server managed clients 430 exemplified which areof themselves control points, a web client 400 and a hybrid client 405.The web client is characterised as being dependent on the network andthe supporting application services to provide a particular function.The hybrid client is characterised as being in addition capable ofoperating as a standalone personal computer providing a similar range offunction when disconnected from the network, and which as such has muchof the functionality that is required installed on its own hardware.

Both the web client 400 and the hybrid client 405 may be categorisedinto 3 layers, for example, the application, the operating system andthe hardware layer. Each layer represents a set of applications thatoperate in that layer. The web client application layer may only beresponsible for providing user interface aspect of the applications. Thehybrid client 405 additionally supports a set of rich clientapplications that can share processes and information.

The operating system layer provides a range of services to both abstractthe hardware from the application layer and manage the hardware.Workstation management provides the capabilities needed to be a servermanaged client. Security services provide interfaces to any localsecurity hardware, and support services for a browser, JVM, and imbeddedapplications.

FIG. 5 shows the enterprise process domain 305. The enterprise processdomain 305 addresses the issues and challenges in the infrastructurethat result from the enterprises desires to enable businesstransformation, adhere to regulatory requirements and compliance, enablebusiness process outsourcing and allow the integration or separation ofacquired or divested businesses. The enterprise process domain 305comprises the following control points, business process services 500,external gateway services 510, component integration services 515,message transformation services 520 and discovery services 525.

The business process service control point 500 identifies and providesfor the separation of process and implementation of a process engine toallow changing of a process without a major application rewrite. Thebusiness process service 500 provides the capability to exploit theprocess models created during the analysis and design phase bytranslating the models into a business process execution language andproviding a choreography engine to manage the implementation.

The external gateway services control point 510 provides the ability tointegrate processes across different technology models through thealignment of web services standards. External gateway services 510 alsoinclude the ability to expose only those components that partners andcustomers are authorised to access.

The discovery services control point 525 is able to discover and connectbusiness function services at runtime. Service discovery is applicableto both internal and external services. Discovery services requirementare based on a discovery agency offering a common repository to whichservice providers publish their service information to the discoveryservice.

The component integration services control point 515 enables integrationof multiple application components in to a single business function.This also includes the ability through API's to call many disparateapplications that execute on various technologies. The messagetransformation services control point 520 provides connectioncapabilities, message mediation, intelligent routing, message contenttransformation and enrichment, logging and guaranteed message deliveryetc.

FIG. 6 illustrates the enterprise information domain 310. The enterpriseinformation domain 310 is concerned with ensuring access by applicationsto relevant information of any type when it is needed. The informationis an intelligent assimilation and rendering of data typically ofvarious types from multiple sources. The enterprise information domaincomprises the following control points, namely, data integrationservices 600, content management services 605, operational informationrepository 610, unstructured data repository 615, analytical informationrepository 620 and analysis and modelling.

The enterprise business applications are both the source and the sink ofthe data. They produce and consume information that is the concern ofthe enterprise information domain. The actual storage of the informationis the domain of the different repositories.

The business applications access and store data through one of the datamanagement services: data integration services 600, or contentmanagement services 605. Data integration services provides coherent andconsistent access to semantically structured data from a variety ofinternal and external sources which may be managed by different databasemanagement systems or stored in different types of repository, toprovide an integrated view of any defined entity; they also provide forconsistent update of information across a set of repositories under asingle instruction from the application, directed by rules or policies.Content management services 605 provide for the management of meta-datathat describes unstructured data content such as photographs, voice,video etc; and for the management of storage and retrieval of thecontent that belongs to that meta-data

The analysis and modelling control point 625 is concerned with the buildand run-time metadata and their representation. Meta-data is data thatcategorises, describes and provides control information about the dataitself. It is vital that the enterprise information domain is built on aconsistent set of design time metadata which in turn feeds and updatesthe necessary runtime data.

The unstructured data repository control point 615 quickly captures andmanages a range of data assets that have little or no internal semanticstructure, including for example documents, emails, photos, images etc.It stores, archives, searches, retrieves and delivers unstructured data.Further the unstructured data repository provides the ability to supportpotentially many different legacy content management applications.

The operational information repository 610 stores semanticallystructured data, for example database records, meta-data records etc,which are required to be maintained current, and may be retrieved andupdated on an individual record basis. It also provides for thereferential integrity of any given store of such information which isunder the management of a single database management system. It is thenormal form of information storage for systems of record supporting corebusiness applications and transactional systems.

The analytical information repository 620 stores semantically structureddata that are not maintained current, but represent an historical recordof activity, or a moment in time view across a large number of records.This repository enables an analysis to be performed across a set ofinformation that remains coherent and consistent during the course ofthe analysis. The entire repository may be updated at regular intervalsto create a new point in time position.

Moving onto FIG. 7 the enterprise development domain 315 and itscritical control points are shown. The enterprise development domain 315is concerned with identifying, developing, integrating, testing andmanaging software assets and ensuring that all available software assetsare exploited where appropriate. For example, applications that areidentified as operating in one particular department and which are notconsidered specialist software would be made available for use by andintegration into the processes of another department, thereby reducingduplication.

The enterprise development domain 315 comprises the following controlpoints: a business process modelling control point 700, a requirement,architecture and design tools control point 705, an integrateddevelopment environment control point 710, a test tool control point 715and a development process and lifecycle management control point 720.

The business modelling control point 700 is concerned with businessprocess modelling in which various aspects should be considered. Forexample: modelling to understand and aligning process in different partsof the enterprise, identifying key areas of concern in the enterpriseacross strategy, business and IT and prioritising investments; processsimulation and building process monitoring capability in order tocontinuously improve performance and process definition; and processmodelling with the purpose of understanding how to best architect andbuild application support for the organisation.

The requirements, architecture and design tools control point 705identifies tools which address consistency and control acrossrequirements, architecture and design phases of development.

The integrated development environment control point 710 addresses theissues of moving to a model driven development approach in which theintegrated development environment must be able to relate to the othertypes of models so that the function being developed can be seen in thecontext of the overall scope of the models, applications may beassembled from components originating from various sources as describedin the implementation models, and support is provided for an iterativeapproach by analysing runtime implications and highlighting problemareas.

The integrated development environment control point 710 comprisesfurther control points which are required to provide visual modellingand development support, component assembly and testing, runtimeanalysis and integration with development process and lifecycle tooling.

The test tool control point 715 addresses the capabilities required ofthe test tools in order to support a model driven development approach,and contains further control points required to support test processautomation, test case generation, test environment management, codeanalysis, profiling, security testing, co-existence testing andperformance, load and stress testing.

The most critical control point in the enterprise development domain 315is that of the development process and lifecycle management controlpoint 720. It is this control point that provides consistency acrosslinkages between the other control points and between the developmentdomain and the other domains.

The development process and lifecycle management control point 720contains further control points which provide focus in the followingareas, namely, project and programme management, tracking, control pointlinkages, portfolio management and development process.

FIG. 8 shows the control points of the enterprise infrastructuremanagement domain 320 which provides the capability to ensure that aninfrastructure is put in place to deliver the necessary performance,behaviour and reliability on a variable basis that is cost-effective andcan change as needed. The domain is divided into layers—the applicationlayer 870, the IT management software layer 875, the server and storagelayer 880 and the network layer 885.

The application layer 870 defines the application services control point800 and the transaction service control point 805. The applicationservices control point 800 is characterised by an applicationenvironment supporting a range of applications from full function webapplication through to function delivered as atomic components. Thetransaction services control point 805 is characterised by ITtransaction service management, providing efficient environments forrunning programming languages, efficient recovery and resilience,support for very high volumes of unitary operations, de facto standardsand quality of service monitoring.

The IT management software layer 875 comprises control points such asvirtualisation and grid services 810, provisioning and orchestration815, security services 820, and systems management 825.

The virtualisation and grid service control point 810 is characterisedby the management of virtualized processing power, management ofvirtualized storage capacity, management of virtualized networks. Thiscontrol point has a close link with the information and process domainsas its capabilities are needed to accommodate both data and processes.

The provisioning and orchestration service control point 815 ischaracterised by the dynamic configuration and allocation of physical orlogical IT resource units, increasing encapsulation and enactment ofbusiness policy, capture and execution of customer-defined IT bestpractices, end-to-end data centre automation for server, software,network, and storage resource change and configuration management

The provisioning and orchestration control point 815 is closely alignedwith the virtualization control point. The application of businesspolicy in provisioning and orchestration is facilitated byvirtualization. Orchestration and provisioning complements similarcapabilities provided in the lower, more physical layer within sometypes of IT infrastructure components, for example, partitioning withina physical footprint shares or re-allocates resource within thatfootprint. It does so by operating across multiple physical footprintsof such components, and acts in response to business policy rather thanresource usage.

The security service control point 820 provides for focus forinfrastructure security, intrusion or other breach detection and remedy,audit of activity.

The systems management service control point 825 provides for directworkload and job management, configuration management, problemdetermination and remedy, monitoring of activity and resources andmetering of activity and resources.

The servers and storage layer 880 is concerned with physical hardwareunits. An important consideration in this layer is the distinctionbetween channel application servers 835 and business application servers845. The two types of servers could be considered together as a singlegroup of servers, but it is useful to differentiate between thedistributions channels (front office) and the main business engines(back office) within the financial enterprise since the former canaddress the demands of scale through the implementation of multipleunits, while the latter are normally constrained to scale through theuse of larger units. This grouping is also useful because the activitiesand focus of front office and back office create such large differencesin workloads and qualities of service. The front office is focused onsupporting the customer touch points and the interactions and flow ofwork that results from the interactions. The back office is all aboutmassive and, as far as possible, automated straight through processing.So, broadly, this categorization into two elements is useful as itidentifies the two significantly different groups of characteristics andneeds. However, it is important to recognize that the same physicalserver types may support either or both elements.

The client control point 830 represents the end user computing platformitself. It is characterised by the changing workload profile (increasingbrowser with plug-in replacing some or all local applicationprocessing), increasingly blurred role and boundary as the logicalclient replaces the physical device and user interface. The clientcontrol point has a close link with both the user and the processdomains as need to accommodate access by the user to applicationssupporting the business processes.

The channel application server control point 835 is characterised by theworkload being offloaded from the client to the channel applicationserver, further workload profile changes are occurring as more and moredata flows in the channels, involving greater complexity as well asincreased volume, increasing demands of supporting and servicing thechannel rather than the business function. Increasing use of “userworkflow”, either for the allocation of work items to users or to ensurethat the user adheres to a prescribed process, is also changing the roleand workload, as is increased use of the Internet and internetstandards.

The business application servers 845 control point meets the needs ofthose applications that are essentially transactional in nature andrequire the support of vertically scalable servers to meet very highvolume workloads.

The enterprise cryptography control point 840 supports the increasingneeds of financial services applications that rely on cryptographictechniques to provide the confidentiality and authentication required inthe environment. For example Secure Sockets Layer (SSL) technology is akey technology for conducting secure e-commerce, and it is in use by arapidly increasing number of applications that demand new levels ofsecurity and performance.

The network layer 885 is concerned with the communication connectivityand transport around the IT infrastructure as a whole. An importantfactor to consider here is network convergence, the previously separatenetworking behind voice, digital media transmission such as video, andthe IT networks are all converging on the same network. The networklayer 885 comprises a local area network control point 855, a wide areanetwork control point 860 and a data centre network control point 865.Each network comprises its own characteristics, for example, a datacentre network places much higher demands than a local area network anda wide area network on characteristics such as bandwidth capacity,latency and resilience; whereas the local and wide area networks requireadditional security capabilities to address the risks of externalconnectivity.

Moving onto FIG. 9, the transformation engine 200 is explained in use.At step 900 the transformation engine 200 receives a trigger requestfrom the input component 205. The transformation engine 200 sends arequest to the storage component 210 to obtain the idealised parameters235, the control points 250 for each enterprise domain 230 and the inputdata 225.

At step 905, the rules engine 240 parses the input data in order tobuild a map of the current status of the enterprise's legacyinfrastructure. At step 910, the rules engine 240 compares the mapdetailing the current status with each of the associated idealisedoutcome parameters 235. The idealised parameters 235 comprise parametersconcerning the type of web client, hybrid client, data integrationservices and transaction services etc. In parallel with the comparisonstep (step 910), the transformation engine 200, at step 915, determinesfor each enterprise domain 230 the control points 250 that are relevantfor the requesting enterprise. The relevant control points 250 arecompared to the comparison data of step 910 and the transformationengine 200 invokes the change extraction component 215 (which in turninvokes the rules engine 240) to determine any deviations in thecomparison data. The identified deviations are flagged as requiringattention by the change extraction engine 215.

The comparison data and the flagged deviations are transmitted to theoutput component 220 for generating a set of recommendations to the userat step 920. The set of recommendation may be categorised by enterprisedomain 230 and list the technical areas that require attention in orderto complete the transformation process to an on-demand operatingenvironment. Query tools and report may be invoked to generate furtherstatistical data, such as score cards, the progress status at aparticular point in time, detailed statistical data about eachenterprise domain and areas of strength and areas of weakness.

It should be appreciated that the teachings of the present inventioncould be offered as a business method on a subscription or fee basis.For example, a computer system comprising a transformation engine couldbe created, maintained and/or deployed by a service provider that offersthe functions described herein for customers. That is, a serviceprovider could offer to provide infrastructure transformation servicesas described above.

It is understood that the systems, functions, mechanisms, methods,engines and modules described herein can be implemented in hardware,software, or a combination of hardware and software. They may beimplemented by any type of computer system or other apparatus adaptedfor carrying out the methods described herein. A typical combination ofhardware and software could be a general-purpose computer system with acomputer program that, when loaded and executed, controls the computersystem such that it carries out the methods described herein.Alternatively, a specific use computer, containing specialized hardwarefor carrying out one or more of the functional tasks of the inventioncould be utilized. In a further embodiment, part of all of the inventioncould be implemented in a distributed manner, e.g., over a network suchas the Internet.

The present invention can also be embedded in a computer programproduct, which comprises all the features enabling the implementation ofthe methods and functions described herein, and which—when loaded in acomputer system—is able to carry out these methods and functions. Termssuch as computer program, software program, program, program product,software, etc., in the present context mean any expression, in anylanguage, code or notation, of a set of instructions intended to cause asystem having an information processing capability to perform aparticular function either directly or after either or both of thefollowing: (a) conversion to another language, code or notation; and/or(b) reproduction in a different material form.

The invention claimed is:
 1. A system for transforming a legacy ITinfrastructure including at least one of legacy IT hardware or legacy ITsoftware into an on-demand IT infrastructure including at least one ofon-demand IT hardware or on-demand IT software in a financial servicesenterprise, the system comprising: at least one computing deviceconfigured to form: a determiner component that determines a currentstatus of the legacy IT infrastructure, the determiner componentincluding a parsing component that parses at least one set of inputdata, that categorises the at least one set of input data intoenterprise domains, and that applies a respective specific rule set toeach enterprise domain; a comparator component that compares thedetermined current status to the idealised set of outcome parameters todetermine a set of deviation parameters; the determiner componentdetermining at least one control point within the set of deviationparameters which require enterprise wide governance, each of the atleast one control point including information as to what on-demand ITinfrastructure capability should be included to achieve the on-demand ITinfrastructure, all of the at least one control point combining toprovide an on-demand operating architectural model of an on-demandoperating environment that provides desired characteristics on avariable basis as requested by clients; an enterprise infrastructuremanagement domain that ensures the on-demand operating environment willdeliver the desired characteristics on a variable basis and including atleast an IT management software layer, the IT management software layerincluding at least a virtualisation and grid services control point; andan enterprise information domain that includes: a data integrationservices control point providing access to semantically structured datafrom internal and external sources, providing an integrated view of anydefined entity, and providing consistent updates of information across aset of repositories under a single instruction from an application; acontent management services control point providing for management ofmetadata that describes unstructured data contact including at least oneof photographs, voice or video, and providing for management of storageand retrieval of content belonging to the metadata; an operationalinformation repository control point storing semantically structureddata including at least one of database records or metadata records, thesemantically structured data required to be maintained current and beingcapable of retrieval and updating on an individual record basis; anunstructured data repository control point capturing and managing arange of data assets, the range of data assets being without an internalsemantic structure; an analytical information repository control pointstoring semantically structured data that are not maintained current,the semantically structured data not maintained current representing atleast one of a historical record of activity or a moment-in-time viewacross a number of records, the analytical information repositorycontrol point enabling analysis across a set of information that remainsconsistent during the analysis and being updated at regular intervals tocreate a new point-in-time position; and an analysis and modelingcontrol point analyzing and modeling the metadata managed by the contentmanagement services control point.
 2. The system as claimed in claim 1,wherein the at least one computing device is further configured to forma change extraction component for monitoring a level of adoption of theat least one control point in the on-demand operating infrastructure. 3.The system as claimed in claim 1, wherein the virtualisation and gridservice control point comprises details of a set of operations to beperformed that enable at least one of management of virtualisedprocessing power, management of virtualised storage capacity, andmanagement of virtualised networks.
 4. The system as claimed in claim 1,wherein each control point details a set of operations to be performedthat enable indication of aspects of on-demand IT infrastructurecapability needed to achieve an on-demand infrastructure, the aspects ofon-demand IT infrastructure capability including at least on-demand userIT infrastructure, on-demand process IT infrastructure, on-demanddevelopment IT infrastructure, on-demand information IT infrastructure,and on-demand management IT infrastructure.
 5. The system as claimed inclaim 1, further comprising an enterprise development domain thatincludes at least one of a business process modeling control point, arequirement/architecture/design tools control point, an integrateddevelopment environment control point, a test tools control point, and adevelopment process/life cycle management control point.
 6. The systemas claimed in claim 1, wherein a control point further comprises subcontrol points.
 7. The system as claimed in claim 1, further comprisingan enterprise process domain that includes at least one of a businessprocess services control point, an external gateway services controlpoint, a component integration services control point, a messagetransformation services control point, an a discovery services controlpoint.
 8. The system as claimed in claim 1, wherein the at least onecomputing device is further configured to form a storing component thatbuilds an enterprise specific taxonomy categorised by enterprisedomains.
 9. The system as claimed in claim 1, further comprising a userdomain that includes at least one of a portal services control point, acollaboration services control point, a pervasive access servicescontrol point, a user access services control point, and a servermanaged client control point, the server managed client control pointincluding at least one of a web client and a hybrid client.
 10. A methodfor transforming a legacy IT infrastructure including at least one oflegacy IT hardware or legacy IT software into an on-demand ITinfrastructure including at least one of on-demand IT hardware oron-demand IT software, the method comprising: determining by at leastone computer a current status of the legacy IT infrastructure,including, responsive to receiving at least one set of input data,parsing the at least one set of input data; categorising by the at leastone computer the at least one set of input data into enterprise domains;applying by the at least one computer a respective rule set specific toa respective enterprise domain; comparing by the at least one computerthe determined current status to an idealised set of outcome parametersto determine a set of deviation parameters; determining by the at leastone computer at least one control point within the set of deviationparameters which require enterprise wide governance, the at least onecontrol point including information as to what on-demand ITinfrastructure capability should be included to achieve the on-demand ITinfrastructure, all of the at least one control point combining toprovide an on-demand operating architectural model of an on-demandoperating environment that provides desired characteristics on avariable basis as requested by clients; and ensuring by the at least onecomputer and an enterprise infrastructure management domain that theon-demand operating environment will deliver the desired characteristicson a variable basis, the enterprise infrastructure management domainincluding at least an IT management software layer, the IT managementsoftware layer including at least a virtualisation and grid servicescontrol point, wherein the enterprise domains include an enterpriseinformation domain that includes: a data integration services controlpoint providing access to semantically structured data from internal andexternal sources, providing an integrated view of any defined entity,and providing consistent updates of information across a set ofrepositories under a single instruction from an application; a contentmanagement services control point providing for management of metadatathat describes unstructured data contact including at least one ofphotographs, voice or video, and providing for management of storage andretrieval of content belonging to the metadata; an operationalinformation repository control point storing semantically structureddata including at least one of database records or metadata records, thesemantically structured data required to be maintained current and beingcapable of retrieval and updating on an individual record basis; anunstructured data repository control point capturing and managing arange of data assets, the range of data assets being without an internalsemantic structure; an analytical information repository control pointstoring semantically structured data that are not maintained current,the semantically structured data not maintained current representing atleast one of a historical record of activity or a moment-in-time viewacross a number of records, the analytical information repositorycontrol point enabling analysis across a set of information that remainsconsistent during the analysis and being updated at regular intervals tocreate a new point-in-time position; and an analysis and modelingcontrol point analyzing and modeling the metadata managed by the contentmanagement services control point.
 11. A method as claimed in claim 10,further comprising monitoring by the at least one computer the level ofadoption of the at least one control point in the on-demand operatinginfrastructure.
 12. A method as claimed in claim 10, wherein thevirtualisation and grid service control point further comprises detailsof a set of operations to be performed that enable at least one ofmanagement of virtualised processing power, management of virtualisedstorage capacity, and management of virtualised networks.
 13. A methodas claimed in claim 10, wherein each control point details a set ofoperations to be performed that enable indication of aspects ofon-demand IT infrastructure capability needed to achieve an on-demandinfrastructure, the aspects of on-demand IT infrastructure capabilityincluding at least on-demand user IT infrastructure, on-demand processIT infrastructure, on-demand development IT infrastructure, on-demandinformation IT infrastructure, and on-demand management ITinfrastructure.
 14. A method as claimed in claim 10, wherein theenterprise domains include an enterprise development domain thatincludes at least one of a business process modeling control point, arequirement/architecture/design tools control point, an integrateddevelopment environment control point, a test tools control point, and adevelopment process/life cycle management control point.
 15. A method asclaimed in claim 10, wherein a control point further comprises subcontrol points.
 16. A method as claimed in claim 10, wherein theenterprise domains include an enterprise process domain that includes atleast one of a business process services control point, an externalgateway services control point, a component integration services controlpoint, a message transformation services control point, an a discoveryservices control point.
 17. A method as claimed in claim 10, furthercomprising building by the at least one computer an enterprise specifictaxonomy categorised by enterprise domains.
 18. A method as claimed inclaim 10, wherein the enterprise domains include a user domain thatincludes at least one of a portal services control point, acollaboration services control point, a pervasive access servicescontrol point, a user access services control point, and a servermanaged client control point, the server managed client control pointincluding at least one of a web client and a hybrid client.
 19. Acomputer program product including instructions in the form of computerexecutable code stored on a non-transitory computer readable storagemedium and loadable into the internal memory of a digital computerconfigured for performing, when said product is run on a computer, aprocess of transforming a legacy IT infrastructure including at leastone of legacy IT hardware or legacy IT software into an on-demand ITinfrastructure including at least one of on-demand IT hardware oron-demand IT software, the computer program product comprising: programcode configured for determining a current status of the legacy ITinfrastructure, including parsing at least one set of input data,categorising the at least one set of input data into enterprise domains,and applying a specific rule set to a respective enterprise domain;program code configured for comparing the determined current status toan idealised set of outcome parameters to determine a set of deviationparameters; program code configured for determining at least one controlpoint within the set of deviation parameters which require enterprisewide governance, the at least one control point including information asto what on-demand IT infrastructure capability should be included toachieve the on-demand IT infrastructure, all of the at least one controlpoint combining to provide an on-demand operating architectural model ofan on-demand operating environment that provides desired characteristicson a variable basis as requested by clients; and program code configuredfor ensuring, with an enterprise infrastructure management domain, thatthe on-demand operating environment will deliver the desiredcharacteristics on a variable basis, the enterprise infrastructuremanagement domain including at least an IT management software layer,the IT management software layer including at least a virtualisation andgrid services control point, wherein the enterprise domains include anenterprise information domain that includes: a data integration servicescontrol point providing access to semantically structured data frominternal and external sources, providing an integrated view of anydefined entity, and providing consistent updates of information across aset of repositories under a single instruction from an application; acontent management services control point providing for management ofmetadata that describes unstructured data contact including at least oneof photographs, voice or video, and providing for management of storageand retrieval of content belonging to the metadata; an operationalinformation repository control point storing semantically structureddata including at least one of database records or metadata records, thesemantically structured data required to be maintained current and beingcapable of retrieval and updating on an individual record basis; anunstructured data repository control point capturing and managing arange of data assets, the range of data assets being without an internalsemantic structure; an analytical information repository control pointstoring semantically structured data that are not maintained current,the semantically structured data not maintained current representing atleast one of a historical record of activity or a moment-in-time viewacross a number of records, the analytical information repositorycontrol point enabling analysis across a set of information that remainsconsistent during the analysis and being updated at regular intervals tocreate a new point-in-time position; and an analysis and modelingcontrol point analyzing and modeling the metadata managed by the contentmanagement services control point.
 20. A computer program product asclaimed in claim 19, further comprising program code configured forforming a monitoring component that monitors a level of adoption of theat least one control point in the on-demand operating infrastructure.21. A computer program product as claimed in claim 19, wherein thevirtualisation and grid service control point further comprises detailsof a set of operations to be performed that enable at least one ofmanagement of virtualised processing power, management of virtualisedstorage capacity, and management of virtualised networks.
 22. A computerprogram product as claimed in claim 19, wherein each control pointdetails a set of operations to be performed that enable indication ofaspects of on-demand IT infrastructure capability needed to achieve anon-demand infrastructure, the aspects of on-demand IT infrastructurecapability including at least on-demand user IT infrastructure,on-demand process IT infrastructure, on-demand development ITinfrastructure, on-demand information IT infrastructure, and on-demandmanagement IT infrastructure.
 23. A computer program product as claimedin claim 19, wherein the enterprise domains include an enterprisedevelopment domain that includes at least one of a business processmodeling control point, a requirement/architecture/design tools controlpoint, an integrated development environment control point, a test toolscontrol point, and a development process/life cycle management controlpoint.
 24. A computer program product as claimed in claim 19, wherein acontrol point further comprises sub control points.
 25. A computerprogram product as claimed in claim 19, wherein the enterprise domainsinclude an enterprise process domain that includes at least one of abusiness process services control point, an external gateway servicescontrol point, a component integration services control point, a messagetransformation services control point, an a discovery services-controlpoint.
 26. A computer program product as claimed in claim 19, furthercomprising program code configured for building an enterprise specifictaxonomy categorised by enterprise domains.
 27. A computer programproduct as claimed in claim 19, wherein the enterprise domains include auser domain that includes at least one of a portal services controlpoint, a collaboration services control point, a pervasive accessservices control point, a user access services control point, and aserver managed client control point, the server managed client controlpoint including at least one of a web client and a hybrid client.